Cybrary, Inc. Privacy Policy
This Cybrary, Inc. (“Cybrary”, “us” or “our”) Privacy Policy (“Privacy Policy”) explains our practices, defines our users’ (“you” or “your”) privacy options, and describes how your information is collected and used by Cybrary. This Privacy Policy, along with our Terms of Service, applies to your use of all Cybrary-branded products and services including your use of our website at www.cybrary.it (“Site”), any services provided by Cybrary any web or mobile applications we develop (collectively, our “Platform”).
This Privacy Policy explains:
- The information we collect about you;
- How that information may be used;
- With whom the information may be shared;
- How you may update the information you provide us;
- How you may contact us; and
- Your choices about the information.
By using the Cybrary Platform, you agree to the terms of this Privacy Policy and our Terms of Service.
COLLECTION AND USE OF USER INFORMATION
This Privacy Policy primarily concerns Personal Information, which deals with individuals, rather than organizations or businesses. “Personal Information” uniquely identifies an individual or can identify an individual by combining it with other data. It includes email addresses, phone numbers, and other information associated with the individual.
We collect Personal Information from you through our Platform, or through any other digital or personal communication between you and us. This may include your name, email address, billing address, general usage metrics of the Platform, your payment information, your profile, email communication history, anything you submit to or post on the Sites, and other information associated with you or your organization. The information collected through the Platform may be stored on servers located in the United States.
We may also collect information from third-party sources, such as Google or Apple, and combine it with information we have collected from you. If Cybrary obtains information from third-party sources, you agree that your sole legal remedy for any harm associated with that information is against the third-party that provided the information.
Cybrary may collect anonymous and/or aggregated data across its various products and services provided that no individual natural person can be identified from such data (“Aggregate Data”). This Aggregate Data is used for analytics, service improvements, and feature development.
LAWFUL BASIS FOR PROCESSING
We process your personal data under one or more of the following lawful bases as defined in Article 6 of the GDPR:
- Performance of a contract – to provide access to our Platform and services you request.
- Consent – for sending marketing communications, non-essential cookies, or collecting certain device permissions. You may withdraw consent at any time by contacting us at privacy@cybrary.it or adjusting your cookie preferences.
- Legitimate interests – to improve our services, ensure network and information security, and communicate with you about relevant products and features (balancing your rights and freedoms).
- Legal obligations – to comply with applicable laws, court orders, or regulatory requirements.
INFORMATION COLLECTION TECHNOLOGY
We use cookies, web beacons, and similar technologies to collect non-personally identifying information about your use of our Sites. These may include IP address, browser type, ISP, referring/exit pages, operating system, date/time stamps, and clickstream data. Cookies allow us to enhance your experience, analyze usage, and provide personalized content.
COOKIES & TRACKING (GDPR/PECR COMPLIANT)
- Essential cookies: required for the Platform to function and set without prior consent.
- Non-essential cookies (analytics, personalization, advertising): set only with your prior consent through our cookie banner or preferences tool.
You may change your cookie settings or withdraw consent at any time via our cookie management tool.
PERMISSIONS
If you use one of our mobile applications, it may request permissions to access features such as your camera, calendar, location, phone, sensors, SMS, or storage. Granting or denying permissions may affect functionality.
CHILDREN’S DATA
In the United States, we comply with COPPA and do not knowingly collect data from children under 13.
For EEA residents under GDPR, you must be at least 16 years old (or the minimum age set by your Member State, which may be 13) to consent to data processing. If we learn that we have collected personal data from a child below the applicable age without verified parental consent, we will delete it promptly.
SHARING USER INFORMATION
We do not sell personal information to third-party advertisers. We may share your information:
- With affiliates, vendors, and partners who help us operate our services (bound by contractual confidentiality obligations);
- As required by law or legal process;
- To protect our rights, property, and safety or that of others;
- With your consent;
- In aggregate form, where no individual can be identified.
INTERNATIONAL DATA TRANSFERS
Personal data collected within the EEA may be transferred to, and stored in, the United States. We protect such transfers through:
- Standard Contractual Clauses (SCCs) approved by the European Commission; or
- Other safeguards permitted under GDPR.
You may request details of these safeguards at privacy@cybrary.it.
DATA RETENTION
We retain personal data only as long as necessary to fulfill the purposes for which it was collected:
- User account data: retained for the duration of your account and up to 12 months after closure, unless longer retention is required by law.
- Financial transaction records: retained for 7 years for tax and compliance purposes.
- Marketing data: retained until you withdraw consent or opt out.
Anonymized aggregate data may be retained indefinitely.
AUTOMATED DECISION-MAKING & PROFILING
We do not use personal data for automated decision-making, including profiling, that produces legal or similarly significant effects for you.
PROTECTION OF USER INFORMATION
We implement administrative, technical, and physical safeguards to protect personal data. While we regularly monitor for vulnerabilities, no method of transmission or storage is completely secure.
EXTERNAL LINKS
We are not responsible for the privacy practices of third-party sites linked from our Platform. Please review their privacy policies before providing any personal data.
CALIFORNIA PRIVACY RIGHTS
California residents have rights under the CCPA, including the right to know, delete, and opt-out of certain sales of personal information, and the right to equal service for exercising those rights.
EU RESIDENT RIGHTS UNDER THE GDPR
You have the right to:
- Access your personal data;
- Rectify inaccurate data;
- Request erasure;
- Restrict processing;
- Object to processing;
- Request data portability.
- Requests are free of charge and will be handled within one month. Contact privacy@cybrary.it to exercise these rights.
DATA PROTECTION OFFICER & EU REPRESENTATIVE
Cybrary has appointed a Data Protection Officer (DPO):
Email: privacy@cybrary.it
Cybrary is not established in the European Union and processes only a limited volume of personal data relating to EU residents (e.g., name, email, basic account activity). Such processing is occasional, does not include large-scale processing of special categories of data under Article 9(1) GDPR or personal data relating to criminal convictions and offences under Article 10 GDPR, and is unlikely to result in a risk to the rights and freedoms of natural persons.
In accordance with Article 27(2)(a) GDPR, Cybrary is therefore not required to designate an EU representative.
CONTACT US
Cybrary, Inc.
Attn: Privacy
4600 River Road STE 400
Riverdale, MD 20737 USA
Email: privacy@cybrary.it
CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “last updated” date. Continued use of our Platform constitutes acceptance of the changes.